With a survey estimating that a million Web sites are vulnerable to a set of newly discovered scripting flaws, security experts are predicting that a worm that uses the software bugs to spread could be on the way. As previously reported by CNET News.com, the flaws occur in Web server modules using the Personal Homepage scripting language, more commonly known as PHP.. . .

With a survey estimating that a million Web sites are vulnerable to a set of newly discovered scripting flaws, security experts are predicting that a worm that uses the software bugs to spread could be on the way. As previously reported by CNET News.com, the flaws occur in Web server modules using the Personal Homepage scripting language, more commonly known as PHP. The language is widely used among sites built on open-source software and allows such sites to create Web pages on the fly.

David Dittrich, senior security engineer at the University of Washington, stressed that while the technical nature of the flaws would make creating a worm more difficult, the Net is rife with groups that have the wherewithal and knowledge to pull off the job.

The link for this article located at ZDNet is no longer available.